package se.swedenconnect.opensaml;

import java.security.Security;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.opensaml.core.config.ConfigurationService;
import org.opensaml.xmlsec.EncryptionConfiguration;
import org.opensaml.xmlsec.SecurityConfigurationSupport;
import org.opensaml.xmlsec.SignatureSigningConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.swedenconnect.opensaml.xmlsec.ExtendedEncryptionConfiguration;
import se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap;

/* loaded from: input_file:se/swedenconnect/opensaml/OpenSAMLSecurityExtensionConfig.class */
public class OpenSAMLSecurityExtensionConfig implements OpenSAMLInitializerConfig {
    private Logger log = LoggerFactory.getLogger(OpenSAMLSecurityExtensionConfig.class);

    @Override // se.swedenconnect.opensaml.OpenSAMLInitializerConfig
    public String getName() {
        return "opensaml-security-extension";
    }

    @Override // se.swedenconnect.opensaml.OpenSAMLInitializerConfig
    public void preInitialize() throws Exception {
        if (Security.getProvider("BC") == null) {
            this.log.info("{}: Crypto provider '{}' is not installed, installing it ...", getName(), "BC");
            Security.addProvider(new BouncyCastleProvider());
            this.log.info("{}: Crypto provider '{}' was installed", getName(), "BC");
        }
    }

    @Override // se.swedenconnect.opensaml.OpenSAMLInitializerConfig
    public void postInitialize() throws Exception {
        if (ExtendedEncryptionConfiguration.class.isInstance((EncryptionConfiguration) ConfigurationService.get(EncryptionConfiguration.class))) {
            this.log.debug("{}: ExtendedEncryptionConfiguration already present in OpenSAML configuration", getName());
        } else {
            this.log.info("Adding key agreement support to system EncryptionConfiguration");
            ConfigurationService.register(EncryptionConfiguration.class, ExtendedDefaultSecurityConfigurationBootstrap.buildDefaultEncryptionConfiguration(SecurityConfigurationSupport.getGlobalEncryptionConfiguration()));
            this.log.debug("{}: Extended encryption configuration successfully registered", getName());
        }
        ConfigurationService.register(SignatureSigningConfiguration.class, ExtendedDefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration(SecurityConfigurationSupport.getGlobalSignatureSigningConfiguration()));
    }
}
